From b471e3a1fe9c8b2be2c1572bcfa392f39b69b967 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Tue, 22 Oct 2024 15:45:11 +0200 Subject: [PATCH] 6.1-stable patches added patches: udf-avoid-directory-type-conversion-failure-due-to-enomem.patch --- queue-6.1/series | 1 + ...ype-conversion-failure-due-to-enomem.patch | 42 +++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100644 queue-6.1/udf-avoid-directory-type-conversion-failure-due-to-enomem.patch diff --git a/queue-6.1/series b/queue-6.1/series index fa4ec5f0992..7eb21f6e149 100644 --- a/queue-6.1/series +++ b/queue-6.1/series @@ -90,3 +90,4 @@ nilfs2-propagate-directory-read-errors-from-nilfs_find_entry.patch powerpc-64-add-big-endian-elfv2-flavour-to-crypto-vmx-asm-generation.patch alsa-hda-conexant-use-cached-pin-control-for-node-0x1d-on-hp-eliteone-1000-g2.patch udf-allocate-name-buffer-in-directory-iterator-on-heap.patch +udf-avoid-directory-type-conversion-failure-due-to-enomem.patch diff --git a/queue-6.1/udf-avoid-directory-type-conversion-failure-due-to-enomem.patch b/queue-6.1/udf-avoid-directory-type-conversion-failure-due-to-enomem.patch new file mode 100644 index 00000000000..52590bddea4 --- /dev/null +++ b/queue-6.1/udf-avoid-directory-type-conversion-failure-due-to-enomem.patch @@ -0,0 +1,42 @@ +From df97f64dfa317a5485daf247b6c043a584ef95f9 Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Thu, 9 Feb 2023 10:33:09 +0100 +Subject: udf: Avoid directory type conversion failure due to ENOMEM + +From: Jan Kara + +commit df97f64dfa317a5485daf247b6c043a584ef95f9 upstream. + +When converting directory from in-ICB to normal format, the last +iteration through the directory fixing up directory enteries can fail +due to ENOMEM. We do not expect this iteration to fail since the +directory is already verified to be correct and it is difficult to undo +the conversion at this point. So just use GFP_NOFAIL to make sure the +small allocation cannot fail. + +Reported-by: syzbot+111eaa994ff74f8d440f@syzkaller.appspotmail.com +Fixes: 0aba4860b0d0 ("udf: Allocate name buffer in directory iterator on heap") +Signed-off-by: Jan Kara +Signed-off-by: Greg Kroah-Hartman +--- + fs/udf/directory.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +--- a/fs/udf/directory.c ++++ b/fs/udf/directory.c +@@ -248,9 +248,12 @@ int udf_fiiter_init(struct udf_fileident + iter->elen = 0; + iter->epos.bh = NULL; + iter->name = NULL; +- iter->namebuf = kmalloc(UDF_NAME_LEN_CS0, GFP_KERNEL); +- if (!iter->namebuf) +- return -ENOMEM; ++ /* ++ * When directory is verified, we don't expect directory iteration to ++ * fail and it can be difficult to undo without corrupting filesystem. ++ * So just do not allow memory allocation failures here. ++ */ ++ iter->namebuf = kmalloc(UDF_NAME_LEN_CS0, GFP_KERNEL | __GFP_NOFAIL); + + if (iinfo->i_alloc_type == ICBTAG_FLAG_AD_IN_ICB) { + err = udf_copy_fi(iter); -- 2.47.2